ClawAudit verdict
alibabacloud-tair-devtoolset
This skill manages Tair/Redis instances on Alibaba Cloud through the official aliyun CLI; it explicitly warns that restore operations are high-risk and overwrite data, and forbids printing AK/SK values.
⚠ Flagged for review — coarse, uncorroborated signal, not a confirmed exploit. Review the config yourself before installing.
Automated static analysis — not a human review. ClawAudit flags capabilities, not confirmed intent, and can produce false positives.
Findings (7)
Possible hardcoded credential
references/connection-management/connect-with-tls.md · code · password="redistest:Pas***23
References sudo — requests elevated privileges
references/cli-installation-guide.md · code · sudo
Dynamic import() — loads module at runtime
references/connection-management/connect-with-tls.md · code · import (
"
Downloads executables from external URLs
references/instance-creation/connect-create-instance.md · code · Download from https://
apt-get install — installs system packages
references/instance-creation/connect-create-instance.md · code · apt-get install
yum install — installs system packages
references/instance-creation/connect-create-instance.md · code · yum install
Popular HTTP library — network access
references/error-troubleshooting/errors-troubleshooting.md · prose · downgraded · got
Why the tier is capped
Execution sink present in raw bytes (Hard Floor: class B). Final tier capped at Caution — cannot be lifted by any downgrade, example-payload opt-in, or allowlist.
Permissions & capabilities
No declared permissions — minimal attack surface.